AWS CLI — Universal Command Line Interface for Amazon Web Services

Introduction

The AWS CLI is the official command-line tool for interacting with Amazon Web Services. It wraps the AWS SDK for Python (botocore) and exposes every AWS API operation as a subcommand, making it the backbone of cloud automation scripts, CI/CD pipelines, and day-to-day AWS administration.

What AWS CLI Does

• Provides commands for every AWS service API (EC2, S3, Lambda, IAM, etc.)
• Supports JSON, YAML, table, and text output formats for scripting
• Enables server-side and client-side filtering with --query (JMESPath)
• Handles pagination, retries, and credential management automatically
• Offers high-level S3 commands (cp, sync, mv) for bulk file operations

Architecture Overview

AWS CLI v2 is distributed as a self-contained installer with a bundled Python runtime, eliminating dependency conflicts. It reads credentials from ~/.aws/credentials, environment variables, or IAM roles. Each command maps to a REST API call against AWS endpoints, with automatic request signing using Signature Version 4.

Self-Hosting & Configuration

• Install via official installer (Linux, macOS, Windows) or Docker image amazon/aws-cli
• Store profiles in ~/.aws/config for multi-account and multi-region setups
• Use aws configure sso for AWS IAM Identity Center (SSO) authentication
• Enable CLI auto-prompt with aws --cli-auto-prompt for interactive discovery
• Set AWS_PAGER to control output paging behavior

Key Features

• AWS CloudShell integration for browser-based CLI access with pre-authenticated sessions
• Wizards for complex operations like aws configure and aws dynamodb wizard
• Server-side --filters reduce API response payloads before transfer
• Supports assume-role chaining and MFA token prompts for secure cross-account access
• YAML output format (v2 exclusive) for human-readable structured data

Comparison with Similar Tools

• Azure CLI — equivalent tool for Microsoft Azure cloud services
• gcloud CLI — Google Cloud's command-line interface
• eksctl — specialized CLI for Amazon EKS cluster management
• Terraform — declarative IaC that provisions AWS resources via state files
• Pulumi — IaC using general-purpose programming languages, supports AWS

FAQ

Q: What is the difference between AWS CLI v1 and v2? A: v2 bundles its own Python, adds SSO support, auto-prompt, YAML output, and improved installers. v1 requires a separate Python installation.

Q: How do I manage multiple AWS accounts? A: Use named profiles in ~/.aws/config and switch with --profile <name> or the AWS_PROFILE environment variable.

Q: Can the AWS CLI run in CI/CD pipelines? A: Yes. Set AWS_ACCESS_KEY_ID and AWS_SECRET_ACCESS_KEY environment variables, or use OIDC-based role assumption in GitHub Actions and similar platforms.

Q: Is the AWS CLI open source? A: Yes, the source is on GitHub under an Apache-compatible license, though it depends on the proprietary AWS service APIs.

Sources

• https://github.com/aws/aws-cli
• https://docs.aws.amazon.com/cli/